Because of the operations they are intended for, terminals that permit electronic payments, and more generally operations that require securing and that involve, for example, the entry of a secret code, are preferred targets for computer attacks.
In particular, a malicious application running on a payment terminal could compromise the availability or operation of the terminal, or use the information provided by a user to carry out fraudulent operations.
Portions of code may, for example, be activated unknowingly by the user while interacting with the terminal. A malicious application may in particular obtain sensitive data from the user, such as banking data.
Phishing techniques are also used to incite the user to supply confidential data by usurping the identity of a reputable company. For example, the user may be directed, without realising it, to a malicious web site that presents itself as the site of the user's bank or of an online shopping site.
According to another approach, the malicious application may play a video that asks for confidential information while imitating the usual interface of a secured application. The application “behind” the video then collects the confidential information and transmits it to a fraudster.
Aware of the stakes, industry players have tried to equip their terminals to counter this type of attack.
One of the solutions adopted consists of defining security requirements for payment terminals and for the applications running on them, and of certifying the terminals and applications against these requirements.
In particular, one may mention the “PA-DSS” (Payment Application Data Security Standard) defined by the PCI (Payment Card Industry) banking-industry group, the security requirements demanded by the EPC (European Payments Council), and those of the “CB” bank card group.
The EMVCo (Europay Mastercard Visa Corporation) organisation also provides EMV certifications for payment applications and terminals through approved laboratories.
The certification of an application may for example lead to the insertion of a marker in the code of the application or in one of its configuration files.
The terminal then checks for the presence of this marker when the application is launched.
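The marker check described above can be implemented in two ways that differ sharply in what they prove. The following example is added here for illustration and is not code from the original document or from any certification body: it shows the weak form (the terminal only checks that a marker string is present in the configuration file, so any application can copy the line) beside a form in which the marker is bound to the hash of the certified code and to its version, so that a modified application, or a new version, cannot reuse a marker issued for another. The marker value, configuration keys, sample application code and certifier key are all assumptions; an HMAC with a shared key stands in for the asymmetric signature a real certifier would use so that the example runs with the Python standard library alone.

```python
import hashlib
import hmac
import json

# Hypothetical marker value used by the weak presence check (an assumption).
WEAK_MARKER = "CERTIFIED"

# Hypothetical certifier key. In practice the certifier would sign with a
# private key and the terminal would hold only the public key; an HMAC stands
# in for that signature here so the example needs only the standard library.
CERTIFIER_KEY = b"example-certifier-key-not-for-real-use"

# Constructed stand-ins for a payment application's code and a tampered copy.
APP_CODE = b"def pay(amount, pan):\n    return submit(amount, pan)\n"
TAMPERED_CODE = APP_CODE + b"def leak(pan):\n    send_to_attacker(pan)\n"


def weak_check(config: dict) -> bool:
    """Weak form: launch is allowed if the marker string is present in the
    configuration file. Nothing ties the marker to the code it sits next to,
    so copying the line into a malicious application's config is enough."""
    return config.get("certification_marker") == WEAK_MARKER


def issue_marker(code: bytes, version: str) -> str:
    """Certifier side: bind the marker to the hash of the certified code and
    to its version, so a modified or re-versioned application does not
    inherit the certification."""
    code_hash = hashlib.sha256(code).hexdigest()
    message = json.dumps({"code_sha256": code_hash, "version": version},
                         sort_keys=True).encode()
    return hmac.new(CERTIFIER_KEY, message, hashlib.sha256).hexdigest()


def strong_check(code: bytes, config: dict) -> bool:
    """Terminal side, at launch: recompute the expected marker from the code
    actually installed and compare it in constant time with the stored one."""
    marker = config.get("certification_marker")
    version = config.get("version")
    if not isinstance(marker, str) or not isinstance(version, str):
        return False
    expected = issue_marker(code, version)
    return hmac.compare_digest(expected, marker)


def demo() -> dict:
    """Run the four cases a practitioner would want to see; every value
    should be True."""
    certified_cfg = {"version": "1.0",
                     "certification_marker": issue_marker(APP_CODE, "1.0")}
    # Attacker simply writes the marker string into its own config file.
    forged_cfg = {"version": "1.0", "certification_marker": WEAK_MARKER}
    # Attacker copies the genuine marker next to tampered code.
    copied_cfg = dict(certified_cfg)
    # Publisher ships a new version without re-certification.
    new_version_cfg = {"version": "1.1",
                       "certification_marker": certified_cfg["certification_marker"]}
    return {
        "weak_accepts_forged": weak_check(forged_cfg),
        "strong_accepts_certified": strong_check(APP_CODE, certified_cfg),
        "strong_rejects_tampered": not strong_check(TAMPERED_CODE, copied_cfg),
        "strong_rejects_new_version": not strong_check(APP_CODE, new_version_cfg),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The last case is the flip side of the disadvantage discussed below: binding the marker to the version is what makes the check meaningful, and it is also why every new version has to go back through certification.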
Certification of an application has thus become one of the criteria demanded by banking organisations before it can be integrated into a payment system.
One disadvantage of these prior-art techniques lies in the obligation, for companies supplying applications intended for payment terminals, to have each version of their application certified by an auditor accredited by a standardisation body.
Furthermore, an application publisher has to have the same application certified to several different standards if it is designed to be used in several payment systems.
Another disadvantage is that this certification operation is costly, in time and in resources, especially for applications that change often.
The prior art also has the disadvantage of imposing certification on all of the applications used on a terminal, whereas it is only essential for applications that genuinely require securing. On a payment terminal, the payment application must be certified; a games application, or an application that displays information or advertisements, need not be.